1SLAPO-AUDITLOG(5)             File Formats Manual            SLAPO-AUDITLOG(5)
2
3
4

NAME

6       slapo-auditlog - Audit Logging overlay to slapd
7

SYNOPSIS

9       /etc/openldap/slapd.conf
10
11       /etc/openldap/slapd.d
12

DESCRIPTION

14       The  Audit Logging overlay can be used to record all changes on a given
15       backend database to a specified log file. Changes are logged  as  stan‐
16       dard  LDIF,  with  an additional comment header providing six fields of
17       information about the change. A second comment header is added  at  the
18       end of the operation to note the termination of the change.
19
20       For Add and Modify operations the identity comes from the modifiersName
21       associated with the operation. This is usually  the  same  as  the  re‐
22       questor's  identity,  but may be set by other overlays to reflect other
23       values.
24

CONFIGURATION

26       This slapd.conf option applies to the Audit Logging overlay.  It should
27       appear after the overlay directive.
28
29       auditlog <filename>
30              Specify the fully qualified path for the log file.
31
32       olcAuditlogFile <filename>
33              For use with cn=config
34

COMMENT FIELD INFORMATION

36       The first field is the operation type.
37       The  second  field  is  the timestamp of the operation in seconds since
38       epoch.
39       The third field is the suffix of the database.
40       The fourth field is the recorded modifiersName.
41       The fifth field is the originating IP address and port.
42       The sixth field is the connection number. A connection number of -1 in‐
43       dicates an internal slapd operation.
44

EXAMPLE

46       The  following LDIF could be used to add this overlay to cn=config (ad‐
47       just to suit)
48
49              dn: olcOverlay=auditlog,olcDatabase={1}mdb,cn=config
50              changetype: add
51              objectClass: olcOverlayConfig
52              objectClass: olcAuditLogConfig
53              olcOverlay: auditlog
54              olcAuditlogFile: /tmp/auditlog.ldif
55

EXAMPLE CHANGELOG

57              # modify 1614223245 dc=example,dc=com cn=admin,dc=example,dc=com IP=[::1]:47270 conn=1002
58              dn: uid=joepublic,ou=people,dc=example,dc=com
59              changetype: modify
60              replace: displayName
61              displayName: Joe Public
62              -
63              replace: entryCSN
64              entryCSN: 20210225032045.045229Z#000000#001#000000
65              -
66              replace: modifiersName
67              modifiersName: cn=admin,dc=example,dc=com
68              -
69              replace: modifyTimestamp
70              modifyTimestamp: 20210225032045Z
71              -
72              # end modify 1614223245
73
74

FILES

76       /etc/openldap/slapd.conf
77              default slapd configuration file
78
79       /etc/openldap/slapd.d
80              default slapd configuration directory
81

SEE ALSO

83       slapd.conf(5), slapd-config(5).
84
85
86
87OpenLDAP 2.6.2                    2022/05/04                 SLAPO-AUDITLOG(5)